[strongSwan] secrets and fqdn
Henry R. Prins
HPrins at multidataservices.com
Fri Nov 5 17:52:23 CET 2010
I just replaced a Linux box which was doing my VPN tunnels, for some
reason the settings I used before are no longer working. My secrets
file has always had the FQDN names due to the fact that a lot of the IPS
do change. And the appropriate FQDN's were set in the ipsec.conf as the
both the right and the left=fqdn.domain.com. For some reasons since I
started using the new box I get...
Can't authenticate: no preshared key found for `##.###.###.##` and
`##.###.###.##`. Attribute OAKLEY_ATHENTICATION_METHOD.
The IP addresses are the resolution of the FQDN names entered in both
files. If I change the ipsec.secrets file to use the ip address it
works, but of course now I have to update that every time the IP address
changes. Not quite as easy work around because when it changes now you
have to figure out what the old IP was in order to change it to the new
one. It seems like the FQDN names in the ipsec.secrets file are not
note being converted to ip addresses. Is there something simple I'm
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users